
class ApplicationController < ActionController::Base
    def cur_user
      User.find_by_name session[:user_name]
    end
    
    def cur_user_name
      session[:user_name]
    end
    
       
    protected
    
    def need_login
      
    end
    
    def need_admin
        if not admin?
          flash[:notice] = "请登录为管理员"
          redirect_to(:controller => "login", :action => "login")
          true
        end
        false
    end
    
    def cannt_do_by user
      if not admin? and user != cur_user_name
          #flash[:notice] = "你的权限不够"
        render :text => '<div id="error">对不起，不能查看当前页面或当前页面不存在!</div>', :layout => true
        true
      end
      false
    end
    
    def admin?
      cur_user.admin?
    end
    
    def authorize
      unless User.find_by_name session[:user_name]
        flash[:notice] = "请登录系统"
        redirect_to(:controller => "login", :action => "login")
      end
    end

  
  end
